Sony has responded to the recent cracking of the Playstation3, and the company claism that they can fix the issue - which ought to be impossible considering the scope of the hack. "We are aware of this, and are currently looking into it," Sony said, "We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details."

"The complete console is compromised - there is no recovery from this," said pytey, a member of the fail0verflow group of hackers […] "The only way to fix this is to issue new hardware," he said. "Sony will have to accept this."http://www.bbc.co.uk/news/technology-12116051

Knowing next to nothing about PS3 security - the only thing I can think of is that their binaries are all signed with multiple keys, and that only one of their root keys has been compromised thus far, allowing them to blacklist the use of that key in future firmware updates.

Is that conceivable? If true, it seems like that would already be known to the hackers who have been exploring the PS3 - unless the current firmware and software hides the fact that other keys already exist and only Sony knows this.

if they whitelist all applications with old key, they could add new RSA in firmware. but as I got it from presentation only one RSA key was used to sign and that one is hard burned into PS3.

you must also not forget game on bluray can't change its encryption. and people payed for those games, so they would probably like to be able to play them. but if they plan to update RSA with new game versions trough update... i'm selling off all of my ps3 collection with ps3. hdd is way too small to fit updates for all the games i have. thanks, but not thanks.

Highly doubt it. There ARE multiple signing keys used for different things, and not all of them have been figured out yet - but the mechanism for figuring them out has been proven and it is simply a matter of time to collect them all. I imagine a highly competitive hacker's version of Pokemon is taking place as we speak... They should name the signing keys for different consoles after Pokemon characters, that would be fun

Of course we will fix it. And then the hackers will crack it again, and we'll waste the money you paid us to actually make a product on yet more DRM crap, which will be broken yet again. Thank you very much for supporting us, please give us more of your money so we can piss it away rather than working on actual innovative things like new products. Sincerely, Sony.

I do agree and find drm on the whole a waste of time, it's annoying and only a couple of implementations have been done in which they work in a way I find acceptable, steam and to a lesser degree iTunes.

However even though Sony are the kings of the worst of the DRM, they are in a sort of a bind. They will have to make some strong statements as games developers will start wondering if it's a good idea to develop a £1million game if there's a chance a big percentage of the games will be pirated. One of the fundamental promises that game platforms offer is that will be a pirate free as possible to attract the developers to the platform.

I think Sony shouldn't have wasted there time and our money on removing features such as Linux, stopped being greedy by removing PS2 comparability and instead charge us for games we already own, this was a selling point for the ps2, being able to play ps1 games. However I do hope that Sony gets this under control and it's going to hurt the gamers when developers say, sod it the potential loss through piracy is too high let's skip the platform. We already see this with a lot of games due to the difficult development tools and environment, another blow will really hurt the platform.

I don't think any game platform is pirate free...
In fact, PS3 was pretty much the last to fall so by your reckoning virtually all games should be available exclusively for the PS3.

Xbox 360, Wii, PSP and DS have been cracked for years, and there are huge numbers of games downloadable from torrent sites for them. PC games are routinely cracked and piracy is rampant there too, as is piracy on the mobile platforms.

If developers refuse to develop for PS3 then piracy won't be the reason, although it will probably be used as an excuse...

I would argue that there are less pirates on the PS3 than other platforms.. The vast majority of games are already available on Xbox 360 and/or Wii, the PS3 has a relatively small number of exclusive titles so anyone wanting to pirate games which are cross platforms will already own one of the other consoles long before the first PS3 hacks came out.

Pirates are typically averse to spending money, so the idea of buying a PS3 to play the few exclusive games for that platform probably isn't worth the money.

Not true, at least not in my case. Yes you can call me a pirate (900 Gigabytes of games and 613 Gigabytes of video files) but I am also a PURCHASER. I buy books, movies and games. I have an Xbox, Wii and had a PS3 before I sold it, and was not averse to buying games for them.
In fact, the reason I don't have a PS3 anymore is because Sony took away OtherOS, all because they were afraid of piracy. Well, jokes on them, cause I sold my PS3 and they're not getting my money now!

Isn't it funny how there was virtually no news of PS3 piracy before they removed OtherOS? Before, there was no legitimate excuse to hack the PS3 because people could already run Linux (albeit without access to 3D acceleration), and now all the pirates are going to use running Linux as their covert reason!

"and now all the pirates are going to use running Linux as their covert reason!"
Nope, piracy is not the main purpose of the hackers that broke the PS3 wide open, with its organs still beating with life. The hackers wanted to... HACK ! Sony removed the hack service provided through OtherOS, they restored back the hack service through... hacking the console. Pirates don't have the knowledge to do that (otherwise the console would have been wide open long before) but instead are pro at bittorrent.

Currently the hackers have withdrawn some vital informations that could lead to widespread piracy on the PS3, mostly because they are not pirates, they just wanted to access a legacy feature of their bought console : OtherOS ! However since reaching this point requested to break several barriers, the last obstacles to piracy are now pretty thins, and of course, pirates will be eager to spend their money in the new USB dongle instead of original games.

The hackers done a pretty good job at trying the revert back the console into its original claims. Buy a car with integrated gps and tv/radio, whatever. Then after 2 years the manufacturer comes to you, open you car with a special key and remove them for "your own safety, your supposed to drive, not listen to music or whatever" Silly behaviors, hackers are not that stupid not to protest.

What would be cool is to 'enable' piracy through the use (recompilation ?) of Linux, so that pirates wouldn't be just covering their ass pretending the hacking exploit is to play with Linux, they would actually HAVE to use it, if not code it to actually play their pirated games. At least they'll get some knowledge, that, perhaps would use the force on the Jedi front...

I phrased it poorly. I didn't mean the pirates were behind this - I agree that they barely have the technical skill. I meant that now that there's a legitimate (if TOS breaking) reason to hack your console, then purveyors of tools that just so happen to enable piracy (that is to say, not the ones that actually just happen to enable it, but those with the goal of it - sarcasm is a pain in the ass in text) can claim the main purpose is Linux, and they can't be held responsible for the reprehensible and illegal acts of their entire community.

All consoles should come open since all those Fantastic homebrew games I have played over years, I can't name single because they were so Fantastic that I forgot the names. The piracy thing is lie and only makes platform more popular. There hasn't been single proof that platform, not even Amiga that was just so Awesome that evil business men had to kill it, or game company would gone bust due piracy. And if they did they should just release Fantastic homebrew games with ads, because gamers just love ads.

I bought My console with my own money that I got from social service, that was paid by other people taxes, so I can do whatever I want it. No people ever has downloaded pirated games, they are just testing because lot of games are so bad or getting backup copy because DVD's scratch so easily and are product of evil business men. Demos don't since if I can't play it till end I can't be sure if it was good game.

Indeed. The master key has been found allowing one to generate perfectly valid signatures as many as one likes, and the master key is burned in the hardware and cannot be updated via software.

Sony cannot remove access to the master key, they cannot change it, and if they blacklisted it in software they'd be blacklisting all the signatures made with it thereby also blacklisting themselves.

I don't see how they're planning to fix this, and I really do think this is nothing more than a PR stunt; they are afraid of losing games publishers because of this. Of course, any games publisher worth their salt already knows the ramifications of master key being leaked and they know it can't be fixed.

Oh, so if a "security issue" that just happens to give back paying users of a Sony computer system their rights to use features that Sony themselves took away, then Sony takes it seriously.

But if they themselves compromise security on other computers by willfully installing rootkits on systems probably not "owned" or at least not able to be controlled by them, then it's OK.

F***ing hypocrites.

Seriously, I wish Konami would re-release the Silent Hill series on the Xbox 360. Being a life-long Nintendo fan and having a general dislike for Microsoft since about halfway through Windows XP's life, I would say normally say Wii, but GameCube controllers are getting rare and hard to find and I doubt the "Classic Controller" would work very well... but who knows? Maybe it would work out and I would be pleasantly surprised. [Haven't used the Classic Controller Pro... maybe it would be even better. Just no stupid, forced motion controls tacked on just to get additional sales.] It's not like those games require high definition to look good, as it wasn't even around at the time to begin with (at least, not well supported and forced onto us like it is now).

At least the original three games in the series, maybe Metroid Prime Trilogy-style (three games, one disc). That way, my *only* two reasons for owning a PS2 (Castlevania: Symphony of the Night and the Silent Hill series) will be gone. I hate Sony as a company, and I wish I could get rid of the last Sony product I have (and probably the only Sony product I've ever owned). The best thing Sony did was E3 2006--I had endless entertainment and made fun of them for months after that. In fact, I still do occasionally (can't get enough of that Giant Enemy Crab...).

Ah... memories. Sony's E3 2006 conference was great almost all the way through for all the wrong reasons. A great year and one of a kind for video game comedy.

Well if Sony would be to give users right to run on PS3 whatever any developer freely created the console would cost ~ $500 and that's after last postchristmas %50 discount.

Well it wouldn't showup on market at all, as the whole business model wouldn't work at all.

I think that the only model that is fair and would cater for developement costs would be subscriber oriented one (alas to digital tv) where one would only lease devices (along with access to some game channels) for a monthly fee.

On the other hand they could fankly declare their ROI requrements and for example commit themselves to some level of units sold after which the platform would be opened for some homebrew developement.

This is because they loose money on the system just to make it back on games. It is being dumped and they are doing everything in their power to deny the end user the right to use what they bought. This is worse than anything the CIA ever did.